Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hello, we have an ASA5520 that is functioning as our Remote access VPN endpoint for remote users on the Internet. We are currently using the legacy Cisco IPSec VPN client for VPN connections, moving to AnyConnect shortly.This ASA firewall has 3 inte...
Hi, we are currently migrating from an existing Active Directory domain to a new one. We currently use the Cisco IPSec VPN client software (ASA5520, version 9.1) for users to log into VPN, and we have our existing domain controllers specified as the...
Hi All, we are in the process of upgrading from ASA version 8.2 to 9.1. I have all of the software upgrade requirements and hardware requirements in place. One thing that I am a bit hung up on is the use of names versus Objects.I know that names ca...
Hi all, have a few questions on the new version of Natting, post ASA version 8.2 which is what I am familiar with.I have a new 5525x firewall running ASA version 9.1(3)2 that I am setting up, and I have a basic grasp on the new NAT config, but I have...
Hi, I have what I believe will be an easy question, but I cannot find the answer and cannot afford to test it on our production ASA.I am running an ASA firewall, we are performing PAT with one Public IP Address for all inside traffic accessing the In...
Thank you for your reply, Marvin. I figured that I would need to specify the authentication server group, but I was looking for options under the group policy... I should have been looking under the tunnel group. Your reply sparked me to look there...
Thanks for the reply Jim! So now I am even more confused... not through any lack of explanation from you, rather only from my own ignorance on this topic. So I guess I have two follow-up questions, if you have time:1) What is the difference between...
Thanks for the reply.Our current Dynamic PAT config is as follows:global (outside) 1 x.x.x.120nat (inside) 1 access-list Inside-outThe Inside-out ACL entries consists of our internal network 10.x.0.0/16 as the source IP, and allows only certain servi...
